Data Protection Health Check
Your roadmap to GDPR compliance with actionable advice and support
If you process any personal data, whether for your employees, contractors or clients, you need to be confident you’re not breaching data protection rules.
Our Data Protection Health Check package is a quick and easy way to address your compliance needs. You’ll get a report identifying any gaps in your compliance and access to jargon-busting training materials for your staff.
Package deliverables:
Your data audit package
When it comes to data protection, there is no one-size-fits-all approach — you must implement measures and design a compliance programme that is proportionate and appropriate to your organisation. Our Data Protection Health Check is the perfect starting point, offering two options based on the complexity, size, or specific needs of your business. It is designed to help you meet your obligations under UK GDPR and data protection laws.
Data protection audit and gap analysis report
Your Health Check begins with a comprehensive questionnaire covering all aspects of your organisation’s data processes, to help us understand your current level of compliance and related risks. Based on this, we’ll provide a gap analysis report that sets out our findings and recommended steps to help you:
- Progress towards meeting current and future data protection obligations
- Safeguard personal data, data subjects, data processing activities and, in doing so, protect your reputation
- Manage data protection-related risks, including those relating to direct marketing communications, your employees and international data transfers
- Strengthen your position in the event of a complaint or an incident concerning the ICO.
Your report will be confidential to you and your organisation.
Access to training materials
A key principle of UK GDPR is accountability. Ensuring your team have appropriate training is one way to demonstrate compliance, as well as helping to reduce your chances of a data breach.
Access three practical training videos covering:
- Data protection training for all employees – key issues that all employees need to know about their information handling responsibilities and data protection
- Data protection and marketing – covering consent, cookies and common data uses such as email marketing
- Data protection for employers – key considerations around employer responsibilities and employee information
What we’ll do and when
- When you sign up for a data protection health check, you will be introduced to one of our senior data protection solicitors who will be compiling your gap analysis report. At this point, you will receive access to the training videos and a questionnaire for you to complete.
- You will then be required to complete the questionnaire regarding your organisation’s current data protection practices and compliance, which will form the basis of the gap analysis report. We include a Q&A video walkthrough, which provides guidance on how to complete the questionnaire.
- Once we receive your completed questionnaire, your assigned solicitor will compile your gap analysis report. We will aim to deliver this within one week of receiving your completed questionnaire.
- The package is delivered at a set price – five hours of a solicitor’s time. You will be invoiced for this at the time of instruction.
- When you enquire about our Data Protection Health Check, we will discuss which of our Health Check options is best suited to your needs:
  - Our standard audit, which will suit most small to medium businesses with average data processing practices.
  - Our comprehensive check for more complex organisations, better suited to data controllers.
- You will then be introduced to one of our senior data protection solicitors who will be compiling your gap analysis report. At this point, you will receive access to the training videos and a questionnaire to complete about your organisation’s current data protection practices and compliance. This will form the basis of the gap analysis report. We include a Q&A video walkthrough, which provides guidance on how to complete the questionnaire.
- Once we receive your completed questionnaire, your assigned solicitor will compile your gap analysis report. We will aim to deliver this within one week of receiving your completed questionnaire.
- Each Health Check option is delivered at a set price of either five or ten hours of a solicitor’s time, based on what is agreed at the outset. You will be invoiced for this at the time of instruction.
What happens after you receive your report?
- You will have a clear idea of what needs to be done and where your priorities lie to ensure ongoing compliance with UK GDPR and data protection regulations.
- However, having a plan is only the first step – effective implementation is key. We recognise the operational challenges your business may face, whether securing internal buy-in, upskilling your teams, developing the necessary policies and templates, or establishing robust data protection processes.
- Our experienced team offers a comprehensive range of follow-on services to support you and your business to achieve and maintain compliance.
After your Health Check, you can work with us to help you implement your remediation plan to address any gaps in your compliance. This work will be costed separately from the Data Protection Health Check and can also be provided as part of our outsourced Data Protection Officer as a Service (DPOaaS). Our DPOaaS offers ongoing, cost-effective compliance management with expert guidance—giving you all the benefits of a DPO without the need for an in-house position.
Our data protection services include:
Arrange your data health check
We’re not like traditional law firms. To provide your business with flexible and affordable legal support, there are three different ways you can work with us: pay-as-you-go and two subscriptions. Learn more about our service plans.
How much does the package cost?
| Service plan | Engage (legal support on our Standard Rates) | Enable (monthly subscription) | Extend (quarterly subscription) |
|---|---|---|---|
| Health Check (standard)¥ | £1,490 | £745* | Cost equivalent to five hours from your plan |
| Health Check (comprehensive)≠ | £2,980 | £1,490* | Cost equivalent to ten hours from your plan |
¥ Our standard Data Protection Health Check is the equivalent of five hours and is geared towards small to medium businesses with average data processing practices. ≠ Our comprehensive Health Check is equivalent to ten hours of legal support and is better suited to data controllers or more complex organisations. The costs listed are exclusive of VAT. Our Enable and Extend plans offer up to 50% discount on our Standard Rates (Engage plan). * Minus any accrued credit on your Enable plan.
Data protection applies to all businesses
What happens if you get data protection wrong?
Data protection legislation applies to any information an organisation keeps on its staff, customers and suppliers, and will likely inform many elements of business operations, from recruitment and HR, to sales, marketing or account management.
Businesses are operating in a data-centric world where personal data is the new ‘commodity’. If the Information Commissioner’s Office (ICO) receives a complaint about your company, they will investigate.
The resulting impact can include any of the following:
A drain on resources
Whether a claim has merit or not, your team will lose precious time evaluating and responding to any issues. This distracts from your business as usual and can affect your bottom line.
Preventing business operations
The ICO can take enforcement action which could significantly impact your business operationally, for example by banning the processing of data or suspending transfers.
Reputational damage
Actions by the ICO and court proceedings are in the public domain, so if you are found to have breached UK GDPR, the damage to your organisation’s reputation could be long-reaching and signify a breakdown of trust with your customers, suppliers and employees.
Claims from private individuals
Individuals are more data protection savvy, meaning they understand their rights more. If a fault occurs, they can issue a private claim directly through the courts for compensation.
Hefty fines
The UK GDPR and DPA 2018 set a maximum fine of £17.5 million or 4% of annual global turnover – whichever is greater – for severe infringements.
It’s important to note that directors can also be personally liable for data breaches or other data protection failures in some circumstances.
What are the benefits of a data protection audit?
An audit is your first step towards compliance, providing a bird’s eye view of what personal data your organisation is handling and where the key risks lie.
Please be aware that the audit alone will not guarantee compliance; you may need to action additional steps and require follow-up support to ensure full compliance.
Demonstrate accountability
UK GDPR imposes an accountability requirement on every business that controls or processes personal data. You must be able to show – on an ongoing basis – that you are meeting the requirements of UK GDPR. A data protection audit is one of the best ways to do this.
A clear action plan
We’ll highlight any pitfalls and use our experience to prioritise action points, providing practical recommendations specific to your business and data practices.
Help manage your data
With the company-wide review of data inherent in a data protection audit, you will be able to identify what unnecessary data you hold and dispose of it in accordance with your data retention policy.
Rely on our expertise
We are experts with a rare mix of technical legal knowledge and hands-on industry experience, so you can rely on us to solve problems quickly and provide practical solutions.
Raise staff awareness
Your staff need to be aware of data protection rules and their impact on the way personal information should be treated.
Provide peace of mind
A comprehensive data protection compliance audit followed by implementation of any recommendations made by our auditor provides you with the peace of mind to know that you have taken all reasonable steps to comply with your obligations under UK GDPR.
Why choose our data protection solicitors?
Let us reduce your risk so you can focus on what you’re good at: your business
Data protection compliance is rarely straightforward and can overwhelm some small and medium-sized businesses.
Our data protection solicitors are here to support your business, providing clear, jargon-free advice that allows you to effectively maintain your business as usual while complying with various data protection rules.
Our team has a rare mix of technical legal knowledge and hands-on industry experience. We have extensive experience gained at other top law firms, and many of us have worked in-house for large commercial organisations. So, we understand the practical difficulties businesses face when trying to meet their data protection obligations.